隨著網路服務所提供的功能越來越多且複雜,網路服務處在網際網路的開放式環境下,其資訊安全問題也日益受到重視。有鑑於此,本研究提出“網路服務信任評估機制(Web Service Trust Evaluation Mechanism, WSTEM)",包含有使用者端、服務提供者之簡易物件通訊協定伺服器、以及網路服務登錄中心(Registry)。WSTEM選擇適當的網路服務評估準則,同時考慮主觀與客觀的安全因子,以使用者的安全等級要求為基礎,使用理想解類似度偏好順序評估調整法(Modified Technique for Order Preference by Similarity to Ideal Solution Method, TOPSIS)做為網路服務推薦方式,並支援回饋修正機制,以信任區間取得可靠之網路服務內容滿意度,再運用層級分析法(Analytic Hierarchy Process, AHP)取得使用者之回饋權重,建立一個信任的網路服務推薦機制。在系統模擬實驗中,本論文模擬一可支援WSTEM之信任網路服務推薦系統(Trusted Web Service Recommendation System, TWSRS),由模擬結果中可發現,本論文提出之WSTEM可有效避免存取到惡意服務。
In recent years, Web Services (WS) are becoming more complex and popular, and their security issues are also important. However, WS-Security standards only support the WS transaction security during transmission and do not consider the WS content (e.g., reliability). In this paper, we propose a novel Web Service Trust Evaluation Mechanism (WSTEM) which uses the appropriate WS evaluation criteria and considers the security factors in subjective and objective. WSTEM which is based on the user's WS-Security requirement uses Modified Technique for Order Preference by Similarity to Ideal Solution Method (TOPSIS) and Analytic Hierarchy Process (AHP) to compute the trust values of WS according to users' feedback and trust value revision for trusted WS recommendation.In the simulation stage, we propose a system, Trusted Web Service Recommendation System (TWSRS), which is based on WSTEM. The results show that users can avoid invoking the insecure WS through WSTEM. The aim is to improve WS-Security for the evaluation of WS content security and providing more trusted WS to users.